Category Archives: Contingency Planning

Are Ransom Payments Supporting Terrorists?

– Organizations, particularly those that recognize that they don’t have essential security and data recovery measures in place, have taken out cyber insurance, which they are regularly using to pay off ransomware attackers. I find it curious that these insurance companies seem to be willing to pay…

Cybersecurity and the Government Shutdown

– I had originally thought of comparing the impact on cybersecurity of the December 2018/January 2019 35-day partial government shutdown to other forms of upheaval, bringing in references to my chapter “IAM Risks during Organizational Change and Other Forms of Major Upheaval,” in Digital…

Cyberwarfare … Back(up) to Basics

– It seems that some folks are talking about reverting to former manual or analog methods should current cyber systems be compromised through cyberattacks by hostile nation states, terrorists or criminal groups. But, as we quickly found out when we were creating Y2K contingency plans, it isn’t…

Catastrophes and Information Security Risk

– The world has certainly experienced its share of natural catastrophes over the past few months—major hurricanes, extensive flooding, powerful earthquakes, record-breaking wildfires—as well as manmade tragedies—mass shootings, vehicles driven into crowds, refugees escaping from warring…

Cybersecurity’s “Forward to the Past”

– On June 21, 2017, Congress received a letter from 103 eminent cybersecurity experts and researchers (the list was compiled by NEDC (The National Election Defense Coalition) and partners) about reducing election hacking risks. You can link to the letter via Zack Wittaker’s article “Security…